<?php
function getPassword($stars = false)
{
    // Get current style
    $oldStyle = shell_exec('stty -g');
    
    if ($stars === false) {
        shell_exec('stty -echo');
        $password = rtrim(fgets(STDIN), "\n");
    } else {
        shell_exec('stty -icanon -echo min 1 time 0');
        
        $password = '';
        while (true) {
            $char = fgetc(STDIN);
            
            if ($char === "\n") {
                break;
            } else if (ord($char) === 127) {
                if (strlen($password) > 0) {
                    fwrite(STDOUT, "\x08 \x08");
                    $password = substr($password, 0, -1);
                }
            } else {
                fwrite(STDOUT, "*");
                $password .= $char;
            }
        }
    }
    
    // Reset old style
    shell_exec('stty ' . $oldStyle);
    
    // Return the password
    return $password;
}

print "|xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx|\n";
print "     psLogin.php - ApOgEE, jerungkun@gmail.com\n";
print "         PersiaSYS Login tool via CLI\n";
print "|xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx|\n";
print "\n";

$useragent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20 (.NET CLR 3.5.30729) "; //firefox 

// get cookie and md5 challenge
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://logout.persiasys.com/login");
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 20);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent); 
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 200); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); 
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); 		
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //return site as string 
curl_setopt($ch, CURLOPT_COOKIEFILE, "./logincookie.txt"); 
curl_setopt($ch, CURLOPT_COOKIEJAR, "./logincookie.txt"); 
$pg = curl_exec($ch);
curl_close($ch);

if (preg_match_all("/hexMD5\((.*?)\);/", $pg, $matches))
{
	// get the java md5 challenge
	$hexstr = $matches[1][0];
};

if ($hexstr == "") {
	print "You Already Logged in!..\n\n";

} else {
	// ask login
	print "Login: ";
	$login = trim(fgets(STDIN));
	
	// ask password
	print "Password: ";
	$password = getPassword(true);


	$thestr = explode('+',$hexstr);
	$tss = str_replace('\'','',$thestr[0]);
	$chars =  explode('\\',$tss);

	// the first char challenge 
	$chout = chr(octdec($chars[1]));	

	$tss = str_replace('\'','',$thestr[2]);
	$chars =  explode('\\',$tss);

	// blend in the password
	$chout .= $password;

	foreach ($chars as $oct) {
		if (strlen($oct) > 1) {
			// add up the other challenge string
			$chout .= chr(octdec($oct));	
		}
	}
	
	// convert the string to md5
	$md5pass = md5($chout);
	
	// pack it in a post variables
	$loginsubmit = "username=" . $login . "&password=" . $md5pass . "&popup=true&dst=http://www.google.com";

	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, "http://logout.persiasys.com/login");
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	curl_setopt($ch, CURLOPT_TIMEOUT, 200);
	curl_setopt($ch, CURLOPT_HEADER, 1);
	curl_setopt($ch, CURLOPT_POST, true); 
	curl_setopt($ch, CURLOPT_POSTFIELDS, $loginsubmit); 
	curl_setopt($ch, CURLOPT_COOKIEFILE, "./logincookie.txt"); 
	curl_setopt($ch, CURLOPT_COOKIEJAR, "./logincookie.txt"); 
	curl_setopt($ch, CURLOPT_REFERER, "http://logout.persiasys.com/login");
	curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 3); 
	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); 

	$pg = curl_exec($ch);
	curl_close($ch);
	
	$hexstr = "";
	
	if (preg_match_all("/hexMD5\((.*?)\);/", $pg, $matches))
	{
		// try to get the hexMD5 again
		$hexstr = $matches[1][0];
	};

	if ($hexstr == "") {
		// no more challenge, we're in!
		print "\nWelcome ".$login."\n";
		print "You have Successfully Logged in!..\n\n";

	} else {
		// Shit, we still got a challenge, maybe you put a wrong password!!
		print("md5: " . $hexstr . "\n");
		print "Sorry, Login Failed..\n\n";
	}

}

// clear the mess
if (file_exists('./logincook.txt')) { unlink('./logincook.txt'); }
?>
